ACL usage revisted (need feedback)

[Ken Murchison]

Jason Williams wrote:

> 
> Maybe someone can explain this to me, but are there any other options to 
> getting ACL functionality working correctly, besides using Sendmail? 
> Maybe im wrong, but im thinking Sendmail is our only option.
> 

If you want to use the Cyrus ACLs to control who can send email (post) 
to a mailbox, you have no choice but to have the MTA pass the userid of 
the poster to lmtpd (via AUTH=).  This is the only way that lmtpd knows 
who is sending the message (looking at the headers or the envelope is 
unreliable because they can be easily forged).

I don't know much about Postfix, but I would imagine that you could 
restrict posting by using some kind of external lookup (LDAP, SQL, etc). 
  This obviously has the downside of requiring a set of "posting"  ACLs
which are separate from the rest of the mailbox ACLs.

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html